A digital transport stream typically comprises scrambled audio/video/data content packets and scrambled conditional access messages (ECM, EMM), which have to be processed in order to extract control data (CW); the latter is necessary for the multimedia unit to descramble the content packets relating to the event (e.g. a broadcast program or a set of programs). Conditional access messages include two kinds of information, namely Entitlement Control Messages (ECM) and Entitlement Management Messages (EMM). The ECM is information relating to content packets, whereas the EMM is information dedicated to an individual end user (subscriber) or a group of end users. The ECM contains the access conditions for the current broadcast event together with the control word (CW) for unscrambling this event. The Control Word (CW) is a key used for decrypting content packets of a packetized event broadcast within the data stream. Thus, each ECM is specific to each event (e.g. a TV program). The EMM is a message used by a security module to set, reset or change product access entitlements, credit, etc. Thus the EMM refers to the rights (access data) of the subscriber for accessing the content (events). Each content packet comprises payload data (i.e. data of the event, such as a movie) and header data. Payload data are encrypted, whereas header data are clear, readable data comprising information about the content packet (e.g. an identifier).
Multimedia units such as set-top-boxes (STB) suitable for receiving pay-TV contents are each provided or connected with a security module for processing selective access to broadcast services on a per-subscriber basis managed by a conditional access system (CAS). Such a security module typically refers to a smart card (chip card) which generally can be inserted into a slot of a conditional access reader which, in this case, is a card reader. This reader can be connected to the multimedia unit or be lodged directly within this unit.
All the security operations are generally executed in the security module associated with the multimedia unit or the receiver. Such a security module can be realized in particular according to four distinct forms.
One of the forms is a microprocessor card, a smart card, or more generally an electronic module (having the form of a key, of a tag, etc.). Such a module is generally of a removable form and connectable to the receiver. The form with electric contacts is the most used, but this does not exclude a contactless link, for instance of the ISO 14443 type.
A second known design is that of an integrated circuit chip placed, generally in a definitive and irremovable way, in the printed board of the receiver. An alternative is constituted by a circuit mounted on a base or connector, such as a connector of a SIM module.
In a third design, the security module is integrated into an integrated circuit chip also having another function, for instance in a descrambling module of the decoder or the microprocessor of the decoder.
In a fourth embodiment, the security module is not realized in a hardware form, but its function is implemented in a software form only. This software can be obfuscated within the main software of the receiver.
Given that in the four cases the function is identical, although the security level differs, we will refer to the security module regardless of the way its function is realized or the form this module can take. In the four designs described above, the security module has the means (CPU) for executing a program stored in its memory. This program allows the execution of the security operations: verifying the rights, effecting a decryption, activating a decryption module, etc.
This security module is required for decrypting the scrambled content packets of the digital transport stream. To this end, the conditional access messages contained in the transport stream are routed to the security module, which possesses the keys to decrypt the ECM in order to extract the control word (CW), which will then be used by a descrambler (within the multimedia unit) for descrambling the content packets. This process is achieved only if the conditional access rights (provided by the EMM) are valid and checked by the security module.
Content packets, more particularly the payload data of these content packets, can be scrambled by using a Cipher Block Chaining (CBC) encryption mode in which an Initialization Vector (IV) is used as supplementary input, in addition to the encryption key. Therefore, the IV can be seen as a parameter used for altering the encryption key. Typically, this IV is a numerical value used in combination with the base encryption key before the first step of the content encryption process. Initialization vectors are often used to prevent a sequence of data that is identical to a previous sequence from producing the same result when encrypted. Thus, the use of an IV is fully suitable for encrypting data such as content packets resulting from packetized events or programs to be broadcast.
Contrary to the encryption key, the IV does not need to remain secret. Thus, an IV can simply be extracted from a digital transport stream and then directly used for descrambling content packets of that stream. However, one of the drawbacks of this approach is that there is no possibility to control the use of the IV, which is openly accessible within the broadcast transport stream. According to another known embodiment, the IV can be supplied by the deciphering algorithm itself, where it is generated or from which it can be extracted, sometimes in an encrypted form. One of the drawbacks of this embodiment is that the generation of the IV cannot be modified without replacing the deciphering algorithm installed within all the multimedia units.
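The CBC behaviour described in the two preceding paragraphs can be illustrated as follows; this is an added example, not part of the original document. The 4-round Feistel block cipher, the 16-byte block size, and the sample control word, IVs and payload are all constructed assumptions standing in for a real scrambling algorithm.

```python
import hashlib
import hmac

BLOCK = 16  # block size in bytes (assumption for this example)
HALF = BLOCK // 2

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Feistel round function: keyed hash truncated to half a block.
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:HALF]

def toy_encrypt_block(key: bytes, block: bytes) -> bytes:
    # 4-round Feistel network: a stand-in, NOT a real scrambling cipher.
    l, r = block[:HALF], block[HALF:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def toy_decrypt_block(key: bytes, block: bytes) -> bytes:
    l, r = block[:HALF], block[HALF:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def cbc_scramble(cw: bytes, iv: bytes, payload: bytes) -> bytes:
    if len(iv) != BLOCK or len(payload) % BLOCK:
        raise ValueError("IV and payload must be block-aligned")
    out, prev = [], iv
    for i in range(0, len(payload), BLOCK):
        # Each plaintext block is XORed with the previous ciphertext block
        # (the IV for the first block) before encryption.
        prev = toy_encrypt_block(cw, _xor(payload[i:i + BLOCK], prev))
        out.append(prev)
    return b"".join(out)

def cbc_descramble(cw: bytes, iv: bytes, data: bytes) -> bytes:
    if len(iv) != BLOCK or len(data) % BLOCK:
        raise ValueError("IV and data must be block-aligned")
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        block = data[i:i + BLOCK]
        out.append(_xor(toy_decrypt_block(cw, block), prev))
        prev = block
    return b"".join(out)

# Constructed sample values (not from the document).
CW = bytes(range(16))
IV_A, IV_B = bytes(16), b"\x01" * 16
PAYLOAD = b"FRAME-0000000001" * 3  # three identical 16-byte blocks
```

Scrambling the same payload under the same CW with two different IVs gives different ciphertexts, while descrambling with the correct CW but the wrong IV corrupts only the first block, because every later block is chained to the preceding ciphertext block rather than to the IV.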
Document EP 281 223 relates to secure messaging systems and in particular to message errors within communication networks in which a considerable number of personal computers are interconnected. As such systems often use insecure communication media, such as public phone systems, interception and removal of messages, modification of messages and insertion of false messages can be easily performed. To overcome this problem, this document suggests storing a history of messages and including this history in any new message. This document relates to technological background only.
Document EP 1 062 812 discloses a method and apparatus for protection of streamed media content. In particular, it refers to a streaming media player (e.g. a set-top-box) processing transport streams of content packets to be rendered on a rendering device (e.g. a TV display screen). This apparatus provides content protection and digital rights management. The transport stream comprises several streams in the MPEG-4 format. For creating protected MPEG-4 content files (each of them comprising an initial object descriptor and encrypted content), this document discloses a process which uses a CreateBox representing a DigiBox creation utility. A DigiBox contains governance rules, initialization vectors and keys. In order to save encryption/decryption costs, the content packets are not all encrypted; only one-tenth of the content packets are encrypted. The apparatus can include a Content Management and Protection System (CMPS) for governing the use of controlled content, including decrypting the content and ensuring that the content is only used as permitted by associated rules. The user might obtain a CMPS on a smart card to plug into the media player. The CMPS receives the MPEG-4 encrypted content from a demultiplexer, decrypts it and, if the rules are satisfied, sends it to appropriate devices (scene descriptor Graph, AVO Decoder and Object Descriptors) to be finally sent to the rendering device. However, the CMPS disclosed in this document is used for performing the same operations (i.e. decrypting the content and ensuring that the content is only used as permitted by associated rules) as those performed by means of security modules of the prior art. Besides, the initialization vector comes from the digital transport stream, in particular from the DigiBox contained in the stream. Therefore, this document does not disclose other means for increasing the security of the deciphering process.
Accordingly, there exists a need for providing means for descrambling content packets of a digital transport stream which increase the security of deciphering processes and help to prevent piracy of broadcast contents in the context of Pay-TV or any other paid service.